Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-47177 — OS Command Injection in Cups

CWE-78 — OS Command Injection CWE-1327 — Binding to an Unrestricted IP Address CWE-940 — Improper Verification of Source of a Communication Channel23 documents14 sources

Severity

5.3MEDIUMNVD

OSV8.6

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Openprinting Cups Linuxfoundation Cups-filters Debian Cups-filters +14 more

Timeline

PublishedSep 26

Latest updateDec 6

Description

Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-47076, CVE-2024-47177, CVE-2024-47175, and CVE-2024-47176 in the Common UNIX Printing System (CUPS) as they relate to our products. Based on current information, Palo Alto Networks products and cloud services do not contain affected CUPS-related software packages and are not impacted by these issues. Affected products: Cloud NGFW, Cortex…

Affected Packages17 packages

▶Palo Altopaloalto/prisma_cloud_compute

▶Palo Altopaloalto/prisma_cloud

▶Palo Altopaloalto/prisma_access

▶Palo Altopaloalto/prisma_browser

▶Palo Altopaloalto/cloud_ngfw

🔴Vulnerability Details

OSV

CVE-2024-47176: CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto↗2024-09-26

▶

💥Exploits & PoCs

Metasploit

CUPS IPP Attributes LAN Remote Code Execution↗

▶

🔍Detection Rules

Suricata

ET INFO Observed Server Responding with PDD File With Known Dangerous/Exploitable Parameter↗2024-09-26

▶

Elastic

Network Connection by Cups or Foomatic-rip Child↗

▶

Elastic

Suspicious Execution from Foomatic-rip or Cupsd Parent↗

▶

Elastic

Cupsd or Foomatic-rip Shell Execution↗

▶

Elastic

File Creation by Cups or Foomatic-rip Child↗

▶

📋Vendor Advisories

Chrome

Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2024-47177↗2024-10-29

▶

Palo Alto

Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products↗2024-09-26

▶

Red Hat

cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source↗2024-09-26

▶

Debian

CVE-2024-47176: cups-filters - CUPS is a standards-based, open-source printing system, and `cups-browsed` conta...↗2024

▶

🕵️Threat Intelligence

Securelist

Exploits and vulnerabilities in Q3 2024↗2024-12-06

▶

Securelist

Analyzing the vulnerability landscape in Q3 2024↗2024-12-06

▶

Wiz

Crying Out Cloud - October 2024 Newsletter | Wiz↗2024-10-01

▶

Wiz

OpenPrinting CUPS Vulnerabilities: Analysis of related CVEs | Wiz Blog↗2024-09-29

▶

Wiz

OpenPrinting CUPS Vulnerabilities: Analysis of related CVEs | Wiz Blog↗2024-09-29

▶